covid.hilton.com Open in urlscan Pro
2a02:26f0:120::5435:8c68 Public Scan

URL:
https://covid.hilton.com/
Submission: On May 03 via manual (May 3rd 2021, 9:18:39 pm UTC) from US

Summary HTTP 125 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 34 domains to perform 125 HTTP transactions. The main IP is 2a02:26f0:120::5435:8c68, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is covid.hilton.com.
TLS certificate: Issued by R3 on March 1st 2021. Valid for: 3 months.

This is the only time covid.hilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2a02:26f0:120... 2a02:26f0:120::5435:8c68	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.193.7.186 54.193.7.186	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 18	54.170.210.188 54.170.210.188	16509 (AMAZON-02) (AMAZON-02)
6	65.9.84.41 65.9.84.41	16509 (AMAZON-02) (AMAZON-02)
1	54.230.183.72 54.230.183.72	16509 (AMAZON-02) (AMAZON-02)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1 1	3.127.52.31 3.127.52.31	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
19	65.9.84.31 65.9.84.31	16509 (AMAZON-02) (AMAZON-02)
3	34.202.81.13 34.202.81.13	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 6	54.192.210.21 54.192.210.21	16509 (AMAZON-02) (AMAZON-02)
1	52.222.183.88 52.222.183.88	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1	3.232.192.25 3.232.192.25	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
1	54.158.164.13 54.158.164.13	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	107.23.149.138 107.23.149.138	14618 (AMAZON-AES) (AMAZON-AES)
1	35.171.36.131 35.171.36.131	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:207... 2600:9000:2070:8e00:10:f40e:dd80:21	16509 (AMAZON-02) (AMAZON-02)
2 2	34.251.130.56 34.251.130.56	16509 (AMAZON-02) (AMAZON-02)
1 1	74.217.31.247 74.217.31.247	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
8 8	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
125	29

43 2a02:26f0:120::5435:8c68 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

covid.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.193.7.186 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-7-186.us-west-1.compute.amazonaws.com

i.icomoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.170.210.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hilton.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.84.41 (United States)

ASN16509 (AMAZON-02, US)

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.183.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-72.ham50.r.cloudfront.net

4dc2aa82bc5e.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

smetric.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.52.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-52-31.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 65.9.84.31 (United States)

ASN16509 (AMAZON-02, US)

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.202.81.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-81-13.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.192.210.21 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-21.ham50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.183.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-183-88.ham50.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.192.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.164.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-164-13.compute-1.amazonaws.com

facf75f4c6d54591a88a57ced9fd8b9f-4dc2aa82bc5e.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.149.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-149-138.compute-1.amazonaws.com

get.truex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.36.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2070:8e00:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

df45ay5pw60dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.130.56 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.217.31.247 (Secaucus, United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

pix-us.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	hilton.com covid.hilton.com smetric.hilton.com	3 MB
26	trustarc.com consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com	368 KB
18	demdex.net 1 redirects dpm.demdex.net hilton.demdex.net	21 KB
11	forter.com 3 redirects 4dc2aa82bc5e.cdn4.forter.com cdn3.forter.com cdn9.forter.com facf75f4c6d54591a88a57ced9fd8b9f-4dc2aa82bc5e.cdn.forter.com	47 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
4	googleapis.com maps.googleapis.com	122 KB
3	cloudfront.net df45ay5pw60dy.cloudfront.net	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	doubleclick.net 1 redirects fls.doubleclick.net cm.g.doubleclick.net	2 KB
3	adobedtm.com assets.adobedtm.com	135 KB
3	typekit.net use.typekit.net p.typekit.net	35 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	470 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	998 B
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com	2 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	804 B
2	facebook.com www.facebook.com	431 B
2	icomoon.io i.icomoon.io	50 KB
1	pubmatic.com image2.pubmatic.com	809 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	revjet.com 1 redirects pix-us.revjet.com	333 B
1	adentifi.com rtb.adentifi.com	88 B
1	truex.com 1 redirects get.truex.com	302 B
1	bttrack.com bttrack.com	380 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	888 B
1	flashtalking.com 1 redirects servedby.flashtalking.com	664 B
1	bing.com 1 redirects c.bing.com	391 B
1	vindicosuite.com mpp.vindicosuite.com	276 B
1	quantserve.com 1 redirects pixel.quantserve.com	495 B
1	truste-svc.net prefmgr-cookie.truste-svc.net	2 KB
1	turn.com 1 redirects d.turn.com	402 B
1	agkn.com 1 redirects aa.agkn.com	329 B
125	34

	Domain	Requested by
43	covid.hilton.com	covid.hilton.com
19	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com covid.hilton.com prefmgr-cookie.truste-svc.net
17	dpm.demdex.net	1 redirects covid.hilton.com
8	sync-tm.everesttech.net	8 redirects
6	cdn9.forter.com	3 redirects covid.hilton.com
6	consent.trustarc.com	covid.hilton.com consent.trustarc.com consent-pref.trustarc.com
4	maps.googleapis.com	covid.hilton.com maps.googleapis.com
3	df45ay5pw60dy.cloudfront.net
3	ib.adnxs.com	2 redirects
3	cdn3.forter.com
3	assets.adobedtm.com	covid.hilton.com assets.adobedtm.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	tag.yieldoptimizer.com	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	idsync.rlcdn.com	2 redirects
2	www.facebook.com	covid.hilton.com
2	smetric.hilton.com	assets.adobedtm.com
2	i.icomoon.io	covid.hilton.com i.icomoon.io
2	use.typekit.net	covid.hilton.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	pix-us.revjet.com	1 redirects
1	rtb.adentifi.com
1	get.truex.com	1 redirects
1	bttrack.com
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	servedby.flashtalking.com	1 redirects
1	c.bing.com	1 redirects
1	facf75f4c6d54591a88a57ced9fd8b9f-4dc2aa82bc5e.cdn.forter.com
1	mpp.vindicosuite.com	covid.hilton.com
1	pixel.quantserve.com	1 redirects
1	prefmgr-cookie.truste-svc.net	covid.hilton.com
1	d.turn.com	1 redirects
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	aa.agkn.com	1 redirects
1	fls.doubleclick.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	hilton.demdex.net	assets.adobedtm.com
1	4dc2aa82bc5e.cdn4.forter.com	covid.hilton.com
1	p.typekit.net	use.typekit.net
125	45

This site contains links to these domains. Also see Links.

Domain
www.hilton.com
help.hilton.com
hiltonworldwide3.hilton.com
www.who.int
www.cdc.gov
www3.hilton.com
apply.americanexpress.com
play.google.com
itunes.apple.com
newsroom.hilton.com
www.pointworthy.com
wck.org
www.projecthope.org
www.directrelief.org
nam02.safelinks.protection.outlook.com
experiences.hiltonhonors.com
www.americanexpress.com
teammembers.hilton.com
hiltonhonors3.hilton.com
www.aboutads.info

Subject Issuer	Validity	Valid
fonts.hilton.com R3	`2021-03-01` - `2021-05-30`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
i.icomoon.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-29` - `2021-12-29`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.cdn4.forter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-18` - `2021-12-14`	a year	crt.sh
smetric.hilton.com DigiCert SHA2 High Assurance Server CA	`2020-05-25` - `2021-08-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
cdn3.forter.com DigiCert SHA2 Secure Server CA	`2019-03-24` - `2021-06-16`	2 years	crt.sh
cdn9.forter.com Amazon	`2021-04-29` - `2022-05-28`	a year	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
mpp.vindicosuite.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.cdn.forter.com DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-07-07`	10 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://covid.hilton.com/
Frame ID: 999F06B3A3B042CE16A8AF827EC9E6F4
Requests: 75 HTTP requests in this frame

Frame: https://hilton.demdex.net/dest5.html?d_nsid=0
Frame ID: C62B21AD4A3300ECB9A76A210B085D1F
Requests: 27 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 7F04DEFF94102E96B9783B02368166CA
Requests: 20 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Frame ID: 6458C178FF6D7F37CE91E8CCD4B1D977
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: D7AB2E6CB51DDDD675678810C6D27657
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 401030AF65033B0F7745C3B4B775A4CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

125
Requests

100 %
HTTPS

26 %
IPv6

34
Domains

45
Subdomains

29
IPs

5
Countries

3377 kB
Transfer

5803 kB
Size

15
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hilton.com/en/?cid=OH,WW,COVIDlogo,MULTIPR,Dropdown,AboutUs,SingleLink,i80834
Title:

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/?cid=OH,WW,COVIDwidget,MULTIPR,Dropdown,AboutUs,SingleLink,i80837
Title: Book Your Stay

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/corporate/cleanstay/?cid=OH,WW,COVIDhub,MULTIPR,Dropdown,AboutUs,SingleLink,i80835
Title: Learn More

Search URL Search Domain Scan URL

URL: https://help.hilton.com/s/?cid=OH,WW,COVIDhub,MULTIPR,Tile,AboutUs,SingleLink,i80838
Title: Hilton Guest Assistance team

Search URL Search Domain Scan URL

URL: https://hiltonworldwide3.hilton.com/en/price-match-guarantee/overview.html?cid=OH,WW,COVIDnew,MULTIPR,Tile,AboutUs,SingleLink,i80798
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/hilton-honors/guest/activity/?cid=OH,WW,COVIDnew,MULTIPR,Tile,AboutUs,SingleLink,i80799%20%C2%A0%C2%A0
Title: View Upcoming Stays

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/corporate/cleanstay/
Title: Hilton CleanStay with Lysol Protection

Search URL Search Domain Scan URL

URL: https://www.who.int/
Title: WHO

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/
Title: CDC

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/?cid=OH,WW,COVIDbanner,MULTIPR,Tile,AboutUs,SingleLink,i80836
Title: Book Your Stay

Search URL Search Domain Scan URL

URL: https://www3.hilton.com/rs/amex-honors-flexibility/terms/
Title: Terms Apply.

Search URL Search Domain Scan URL

URL: https://apply.americanexpress.com/hilton-card/?page_url=753
Title: Learn more >

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hilton.android.hhonors

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/apple-store/id635150066?pt=290242&ct=DG-WP-HW-AppInstall-ECICYR&mt=8

Search URL Search Domain Scan URL

URL: https://newsroom.hilton.com/corporate/news/hilton-american-express-team-up-to-donate-rooms
Title: Learn More

Search URL Search Domain Scan URL

URL: https://newsroom.hilton.com/corporate/news/amex-hilton-world-central-kitchen-provide-meals
Title: Learn More

Search URL Search Domain Scan URL

URL: https://newsroom.hilton.com/corporate/page/11937
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.pointworthy.com/partners/hilton/index.xhtml
Title: donate Hilton Honors Points

Search URL Search Domain Scan URL

URL: https://wck.org/
Title: World Central Kitchen

Search URL Search Domain Scan URL

URL: https://www.projecthope.org/
Title: Project Hope

Search URL Search Domain Scan URL

URL: https://www.directrelief.org/
Title: Direct Relief

Search URL Search Domain Scan URL

URL: https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fhiltonhonors3.hilton.com%2Frs%2Feven-more%2Ffaq%2F%23sectionEliteRolloverNights&data=04%7C01%7CShannon.McDowell%40hilton.com%7Cd3e78bbf62d54ade50e408d879e1ff64%7C660292d2cfd54a3db7a7e8f7ee458a0a%7C0%7C0%7C637393358870353349%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7YagXoMQixxNOsg0DuMVO3yZWBDdiQkDCIjUgrszYNs%3D&reserved=0
Title: Learn more about Elite Rollover Nights

Search URL Search Domain Scan URL

URL: https://experiences.hiltonhonors.com/iSynApp/showPage.action?sid=1101241&pageName=faq
Title: FAQs page

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/campaigns/new-offers/hilton/hilton-surpass-mznywv/
Title: Hilton Honors American Express Surpass® Card

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/us/campaigns/new-offers/hilton/hilton-aspire-lpmnvz/
Title: Hilton Honors American Express Aspire Card

Search URL Search Domain Scan URL

URL: https://teammembers.hilton.com/covid19
Title: Hilton Workforce Resource Center

Search URL Search Domain Scan URL

URL: https://help.hilton.com/s/?cid=OH,WW,COVIDfooter,MULTIPR,Tile,AboutUs,SingleLink,i80839
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://www3.hilton.com/en/index.html
Title:

Search URL Search Domain Scan URL

URL: https://hiltonhonors3.hilton.com/en/index.html
Title:

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/promotions/privacy-policy/english.html
Title: Global Privacy Statement

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/policy/cookies-statement/english.html
Title: Cookies Statement

Search URL Search Domain Scan URL

URL: http://www.hilton.com/en/hi/info/site_usage.jhtml
Title: Site Usage Agreement

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/hilton-honors/personal-data-requests/
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/corporate/msat-statement/
Title: Modern Slavery and Human Trafficking

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1620076700435 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1620076700435

Request Chain 55

https://cm.everesttech.net/cm/dd?d_uuid=56063864245999558502552290808866379196 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJBonAAAALemYCkN

Request Chain 60

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=56063864245999558502552290808866379196 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164970403775001211031

Request Chain 66

https://idsync.rlcdn.com/365868.gif?partner_uid=56063864245999558502552290808866379196 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTYwNjM4NjQyNDU5OTk1NTg1MDI1NTIyOTA4MDg4NjYzNzkxOTYQABoNCJ3RwYQGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=7118da9952858cacd126052debc310e15e102de4f3e0be398033eb31da548606b0da87c991749652

Request Chain 68

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def048d4a572

Request Chain 73

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2304448594098764619

Request Chain 78

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3440017422702110216

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTYwNjM4NjQyNDU5OTk1NTg1MDI1NTIyOTA4MDg4NjYzNzkxOTY= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIxgYIYR7__CcR0HA6fM2xM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 85

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aWKLUWlqiwVyZYBTOjGfWWphigRyMItQbGpxUfR1

Request Chain 88

https://c.bing.com/c.gif?uid=56063864245999558502552290808866379196&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2888A2F6C2CE6A860C80B2DAC31C6B82

Request Chain 89

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=4871166BCE0C7D&gdpr=0&gdpr_consent=

Request Chain 90

https://a.tribalfusion.com/i.match?p=b13&u=56063864245999558502552290808866379196&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=56063864245999558502552290808866379196&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 96

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=877163242&t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014775342227

Request Chain 99

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=56063864245999558502552290808866379196&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-nbx_uYZE2pFnqo_w04g_5HlZH1D24N1GII0-~A

Request Chain 101

https://get.truex.com/adobe/audience_manager/sync HTTP 302
https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

Request Chain 108

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=56063864245999558502552290808866379196?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=56063864245999558502552290808866379196?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=db63969ceb95e7b99effd837771a5e4d

Request Chain 109

https://pix-us.revjet.com/idsync/adobe/1?aam_id=56063864245999558502552290808866379196&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24 HTTP 302
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4957988205880716540

Request Chain 110

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUpCb25BQUFBTGVtWUNrTg==

Request Chain 111

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJBonAAAALemYCkN&expires=90

Request Chain 112

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJBonAAAALemYCkN HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJBonAAAALemYCkN&C=1

Request Chain 113

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YJBonAAAALemYCkN

Request Chain 114

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJBonAAAALemYCkN HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJBonAAAALemYCkN

Request Chain 115

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJBonAAAALemYCkN

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJBonAAAALemYCkN&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJBonAAAALemYCkN&img=1&__user_check__=1&sync_id=17c2a9fe-ac55-11eb-a394-1ce730eb0406

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJBonAAAALemYCkN&t=2592000&o=0

Request Chain 118

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def04dd4a478

Request Chain 123

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def14ad4aa74

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
covid.hilton.com/ 110 KB
23 KB 28ms
9ms Document
text/html 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9b7b68ae0fbb39e3ad94dde4ee7a8813de3a8ce21c9d4c0dae0d07a23c5032ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: covid.hilton.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: Apache
link: <https://covid.hilton.com/wp-json/>; rel="https://api.w.org/", <https://covid.hilton.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://covid.hilton.com/>; rel=shortlink
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-encoding: gzip
x-rs-server: gla-us-3
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
content-length: 22809
cache-control: max-age=238516
expires: Thu, 06 May 2021 15:33:36 GMT
date: Mon, 03 May 2021 21:18:20 GMT

GET
H2 200 style.min.css
covid.hilton.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 14ms
11ms Stylesheet
text/css 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 8685
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 10:53:40 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=368364
etag: "e33b-5c000ad196684-gzip"
accept-ranges: bytes
expires: Sat, 08 May 2021 03:37:44 GMT

GET
H2 200 main.min.css
covid.hilton.com/wp-content/themes/covidhub-theme/dist/ 18 KB
3 KB 28ms
25ms Stylesheet
text/css 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ed2deb9777bc2d92526c909f01ff761adfb64928a39415d28cb5ae06c163460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/covidhub-theme/dist/main.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 2775
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 14:30:59 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=53995
etag: "49fb-5b4ef46a5aec0-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:18:15 GMT

GET
H2 200 hku7kky.css
use.typekit.net/ 1 KB
817 B 20ms
6ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hku7kky.css

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

656a227f88e0f2ae1fbb6a42454ba038f7b67e630e22cca1a00383eff854a245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 585

GET
H2 200 main.min.css
covid.hilton.com/wp-content/themes/xd-theme/dist/ 192 KB
25 KB 49ms
47ms Stylesheet
text/css 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2e1b09e83d7f47cb8b19d062e70d8f4d2496e46f6d9d3a998a5da03a0d2adae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/xd-theme/dist/main.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 25425
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=203378
etag: "2feae-5bf741eeb126a-gzip"
accept-ranges: bytes
expires: Thu, 06 May 2021 05:47:58 GMT

GET
H2 200 style.css
i.icomoon.io/public/a6f3eea267/XDTheme/ 24 KB
4 KB 464ms
154ms Stylesheet
text/css 54.193.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.icomoon.io/public/a6f3eea267/XDTheme/style.css
Requested by: Host: covid.hilton.com
URL: https://covid.hilton.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.7.186 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-7-186.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 26913280199916784f9af92b89a0a1bf7e7d752a07682cd51f8d3ebe0c08170d

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 12:57:32 GMT
server: nginx
etag: W/"607443bc-60ea"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 launch-EN02272261e0b845508227acf3ca0c37de.min.js Show response
assets.adobedtm.com/ 551 KB
111 KB 21ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Requested by: Host: covid.hilton.com
URL: https://covid.hilton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ab77584aacbfa4a2a0eefb220e308c3f067656ced41e864a9e80c65836b5ce93

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 17:05:43 GMT
server: AkamaiNetStorage
etag: "1be54dd5c51eb8b157dc17ab8287eb80:1619802343.898607"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://covid.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 113418
expires: Mon, 03 May 2021 22:18:20 GMT

GET
H2 200 jquery.min.js Show response
covid.hilton.com/wp-includes/js/jquery/ 87 KB
31 KB 60ms
59ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 30916
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Dec 2020 16:12:26 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=53939
etag: "15d98-5b723f5046e80-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:17:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
covid.hilton.com/wp-includes/js/jquery/ 11 KB
4 KB 89ms
88ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Dec 2020 16:12:26 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=53992
etag: "2bd8-5b723f5046e80-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:18:12 GMT

GET
H2 200 main.min.js Show response
covid.hilton.com/wp-content/themes/covidhub-theme/dist/ 1 KB
902 B 90ms
88ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

705a244da012089db376798674cea6963e932cb35c21e41b2c661c6fa2f09d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/covidhub-theme/dist/main.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 579
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 14:30:58 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=53981
etag: "52b-5b4ef46966c80-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:18:01 GMT

GET
H2 200 plugins.min.js Show response
covid.hilton.com/wp-content/themes/xd-theme/dist/ 109 KB
32 KB 101ms
100ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

18161167da2aa8bd6a834d0d80ff023f9ec20da9578f59882d3a2c5494457e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/xd-theme/dist/plugins.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 32280
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=53929
etag: "1b4fb-5bf741eeb702b-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:17:09 GMT

GET
H2 200 Hilton-Logo_Black.svg
covid.hilton.com/wp-content/uploads/2020/08/ 2 KB
3 KB 8ms
8ms Image
image/svg+xml 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/Hilton-Logo_Black.svg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2efec2fd023d1a979db53148075bdac2ab5f3a7c6236a49b74779a8eb469ad5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/Hilton-Logo_Black.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 24 Aug 2020 12:33:47 GMT
x-rs-server: gla-us-3
etag: "8e1-5ad9ecc4400c0"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: max-age=103394
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 2273
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:01:34 GMT

GET
H2 200 Cabos-Wide-1920x1080.jpg
covid.hilton.com/wp-content/uploads/2020/09/ 319 KB
320 KB 17ms
17ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/09/Cabos-Wide-1920x1080.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

324d93555d71c53bece2225c5a7beed9a2d587989cecae0d8d7eccfe581587a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/09/Cabos-Wide-1920x1080.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 11:03:28 GMT
x-rs-server: gla-us-3
etag: "4fb2d-5aef384920000"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=53956
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 326445
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:17:36 GMT

GET
H2 200 CleanStay-540x300.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 20 KB
21 KB 24ms
23ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/CleanStay-540x300.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

64f756199579649cf5ce2c19f3acd25b002f88fcb904ab8d0950bb9621b5dab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/CleanStay-540x300.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:18:20 GMT
x-rs-server: gla-us-3
etag: "50b8-5adefe2f43f00"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=53952
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 20664
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:17:32 GMT

GET
H2 200 shutterstock_624773915-540x300.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 46 KB
46 KB 16ms
16ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/shutterstock_624773915-540x300.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4caeed9f547d857c8ae818ab19647c9a65521849692d3bcdaf24486d6c418545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/shutterstock_624773915-540x300.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:17:03 GMT
x-rs-server: gla-us-3
etag: "b787-5adefde5d51c0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=207790
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 46983
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 06 May 2021 07:01:30 GMT

GET
H2 200 Impossible_FamilyBedJump-540x300.jpg
covid.hilton.com/wp-content/uploads/2020/10/ 20 KB
21 KB 8ms
8ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/10/Impossible_FamilyBedJump-540x300.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c895f4a6a9f62c01a1cccad30b19f5271d5953ec4642664c90ea45b5adc8573e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/Impossible_FamilyBedJump-540x300.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 16:17:53 GMT
x-rs-server: gla-us-3
etag: "5155-5b258ec302e40"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=54002
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 20821
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:18:22 GMT

GET
H2 200 play_circle_outline-96px.svg
covid.hilton.com/wp-content/themes/xd-theme/img/icons/ 641 B
744 B 10ms
9ms Image
image/svg+xml 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/img/icons/play_circle_outline-96px.svg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

671e11a685b334d00d00527841210bef4b9fa8fbb32cd82e0f10cb77843174b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/xd-theme/img/icons/play_circle_outline-96px.svg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 430
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=53919
etag: "281-5bf741eea9569"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:16:59 GMT

GET
H2 200 cleanstay_video_overlay_cropped.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 51 KB
51 KB 9ms
8ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/cleanstay_video_overlay_cropped.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

32353df998d7ae5d282acacf732a207a5dcc96439b03d27095d20a58ba05b871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/cleanstay_video_overlay_cropped.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 16:59:48 GMT
x-rs-server: gla-us-3
etag: "cba0-5adf2fafb0900"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=53917
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 52128
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:16:57 GMT

GET
H2 200 travel-flexibility-1-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 60 KB
61 KB 10ms
10ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/travel-flexibility-1-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9b618b8d795dd7a1f4ae8ed599a325bf3813a243ee94c9a0c0ff45527040e63c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/travel-flexibility-1-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:17:42 GMT
x-rs-server: gla-us-3
etag: "f172-5adefe0b06980"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=190829
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 61810
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 06 May 2021 02:18:49 GMT

GET
H2 200 price-match-guarantee-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 78 KB
79 KB 14ms
9ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/price-match-guarantee-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b04a96c337f8c6a2ef0ae6c990355361976669f68b07abb81bef1c7a52def94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/price-match-guarantee-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:17:38 GMT
x-rs-server: gla-us-3
etag: "13932-5adefe0736080"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=190809
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 80178
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 06 May 2021 02:18:29 GMT

GET
H2 200 Current-Services-And-Amenities-mask-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/09/ 63 KB
64 KB 17ms
12ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/09/Current-Services-And-Amenities-mask-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

358d61868170f136feb3e35c9ca7ca01cde6c01c4fb5c69545ee87757c8a83df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/09/Current-Services-And-Amenities-mask-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 21 Sep 2020 07:45:23 GMT
x-rs-server: gla-us-3
etag: "fd99-5afce086c6ac0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=80465
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 64921
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 19:39:25 GMT

GET
H2 200 cross-icon.svg
covid.hilton.com/wp-content/themes/covidhub-theme/icons/ 899 B
787 B 26ms
21ms Image
image/svg+xml 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/themes/covidhub-theme/icons/cross-icon.svg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

134f7118587def3881fb7e0b5db92a8233966d228b2bde4ce3c461d42e4b86b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/covidhub-theme/icons/cross-icon.svg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 473
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Sep 2020 08:52:13 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=203324
etag: "383-5aeb555a8e940"
accept-ranges: bytes
expires: Thu, 06 May 2021 05:47:04 GMT

GET
H2 200 face-coverings-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 59 KB
60 KB 26ms
22ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/face-coverings-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ffb993559b6eecfca1a36b74ee3f3a5ca8d65419226f58936c79dee672c53147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/face-coverings-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:14:07 GMT
x-rs-server: gla-us-3
etag: "ed19-5adefd3dfc5c0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=103369
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 60697
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:01:09 GMT

GET
H2 200 Points-Extension-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/10/ 83 KB
83 KB 31ms
27ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/10/Points-Extension-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3843231c1d3df4bd3ede44bda7d0ff4321f194fe706b606c57566ff8dcbb39b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/Points-Extension-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 19:30:23 GMT
x-rs-server: gla-us-3
etag: "14a88-5b25b9c9f31c0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=103502
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 84616
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:03:22 GMT

GET
H2 200 Elite-Status-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/10/ 96 KB
97 KB 37ms
33ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/10/Elite-Status-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3b9532e5eb289fc7260ac03d5dbda85ef424798b054f744605b9d97ef66c7fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/Elite-Status-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 19:30:19 GMT
x-rs-server: gla-us-3
etag: "181ad-5b25b9c6228c0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=103440
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 98733
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:02:20 GMT

GET
H2 200 Milestone-Bonus-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/10/ 86 KB
86 KB 46ms
42ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/10/Milestone-Bonus-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d68d790281fcf16c8f6c2c23346a1da17f552f2d823125129915ad994a9ad186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/Milestone-Bonus-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 19:30:17 GMT
x-rs-server: gla-us-3
etag: "1566c-5b25b9c43a440"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=103341
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 87660
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:00:41 GMT

GET
H2 200 Status-Extension-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/10/ 69 KB
69 KB 52ms
48ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/10/Status-Extension-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

03b6d81f3b90f66a18232cd3169a4f3489ae5dd3dfd578f77571478f86736a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/Status-Extension-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 19:30:21 GMT
x-rs-server: gla-us-3
etag: "11330-5b25b9c80ad40"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=103464
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 70448
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:02:44 GMT

GET
H2 200 Status-Gifting-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/10/ 89 KB
90 KB 58ms
55ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/10/Status-Gifting-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3c22469742b4b32ee8f6154b2eed56f9b183ef81e90b04cd8c0bbf57676f3fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/Status-Gifting-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 19:30:15 GMT
x-rs-server: gla-us-3
etag: "164a9-5b25b9c251fc0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=207877
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 91305
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 06 May 2021 07:02:57 GMT

GET
H2 200 Cobrand-840x760.png
covid.hilton.com/wp-content/uploads/2020/11/ 929 KB
931 KB 64ms
61ms Image
image/png 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/11/Cobrand-840x760.png

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7bf41d52d6ee4c765a37b62502bef9c55b49311e956baadb373122d2b6aa15e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/11/Cobrand-840x760.png
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 13:59:00 GMT
x-rs-server: gla-us-3
etag: "e8382-5b33443c1d100"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=190705
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 951170
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 06 May 2021 02:16:45 GMT

GET
H2 200 get-it-on-google-play.svg
covid.hilton.com/wp-content/uploads/2020/09/ 7 KB
7 KB 69ms
66ms Image
image/svg+xml 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/09/get-it-on-google-play.svg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

51a0078ffdd30df8723ed143e0c566f8fc077138535741c38f57a634a49beb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/09/get-it-on-google-play.svg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 09:43:52 GMT
x-rs-server: gla-us-3
etag: "1b81-5aef267e60600"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: max-age=53943
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 7041
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:17:23 GMT

GET
H2 200 download-on-the-app-store.svg
covid.hilton.com/wp-content/uploads/2020/09/ 8 KB
9 KB 76ms
73ms Image
image/svg+xml 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/09/download-on-the-app-store.svg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3c539fcdc8b1af3e06722830d7cff727b2143a2f3c7fe10368d164ada96c399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/09/download-on-the-app-store.svg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 09:43:50 GMT
x-rs-server: gla-us-3
etag: "2173-5aef267c78180"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: max-age=73452
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 8563
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 17:42:32 GMT

GET
H2 200 Honors-app-1-840x760.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 63 KB
63 KB 81ms
78ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/Honors-app-1-840x760.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4c34c9fc997e68001947abb05032584ab50b0bc6c54b18f58ea0121deebf4b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/Honors-app-1-840x760.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:16:25 GMT
x-rs-server: gla-us-3
etag: "fc3f-5adefdc197c40"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=103347
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 64575
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 02:00:47 GMT

GET
H2 200 Testimonials-Desktop-2-1440x685-1-540x485.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 38 KB
38 KB 89ms
87ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/Testimonials-Desktop-2-1440x685-1-540x485.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b9e24555cbe05372ee4f10a4b912f9d261b02cf57281bab9c9a90bf93d47e809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/Testimonials-Desktop-2-1440x685-1-540x485.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:17:34 GMT
x-rs-server: gla-us-3
etag: "972e-5adefe0365780"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=53954
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 38702
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:17:34 GMT

GET
H2 200 20200428-A01-screengrab-NILAYA-LA-Hilton-11-540x485.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 41 KB
42 KB 96ms
94ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/20200428-A01-screengrab-NILAYA-LA-Hilton-11-540x485.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a89cd2933ab5dee0039bcf3a96ba5c0272f4cf7a12e864b3444b2fd1c880b8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/20200428-A01-screengrab-NILAYA-LA-Hilton-11-540x485.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:17:26 GMT
x-rs-server: gla-us-3
etag: "a517-5adefdfbc4580"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=54033
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 42263
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:18:53 GMT

GET
H2 200 THank-you-rob-540x485.jpg
covid.hilton.com/wp-content/uploads/2020/08/ 53 KB
54 KB 105ms
104ms Image
image/jpeg 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/uploads/2020/08/THank-you-rob-540x485.jpg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c862ef634a54b3802e0fcff950b2f45c671db2f117701248e84e3efd741d784f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/THank-you-rob-540x485.jpg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 13:17:33 GMT
x-rs-server: gla-us-3
etag: "d565-5adefe0271540"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=190843
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 54629
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 06 May 2021 02:19:03 GMT

GET
H2 200 wp-polyfill.min.js Show response
covid.hilton.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 18ms
18ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 34241
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Aug 2020 18:47:13 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=53880
etag: "183ee-5ac9e7fd48e40-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:16:20 GMT

GET
H2 200 index.js Show response
covid.hilton.com/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 8ms
8ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/plugins/contact-form-7/includes/js/index.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 3238
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Feb 2021 22:54:46 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=54015
etag: "2ac2-5bc1cebe03980-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 12:18:35 GMT

GET
H2 200 main.min.js Show response
covid.hilton.com/wp-content/themes/xd-theme/dist/ 27 KB
7 KB 12ms
12ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

016fed809cee81877351065c8daa172aac2021c14fb921e9cf6d92d5a075a4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/xd-theme/dist/main.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 7212
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=52178
etag: "6d31-5bf741eeb702b-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 11:47:58 GMT

GET
H2 200 es6.js Show response
covid.hilton.com/wp-content/themes/xd-theme/dist/ 49 KB
9 KB 12ms
12ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/dist/es6.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

aa87d0d52d588d2e7f5b3d4286d6751d42e0f4338d8a6a4806080894e70922f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/xd-theme/dist/es6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 8971
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=52131
etag: "c20a-5bf741eeb702b-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 11:47:11 GMT

GET
H2 200 modernizr-3.6.0.min.js Show response
covid.hilton.com/wp-content/themes/xd-theme/js/libs/ 5 KB
3 KB 9ms
9ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/js/libs/modernizr-3.6.0.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fbd4ebffd2dd1e8d8e3ab577657c73edef4a96d1df51a99a456215a754e6f4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/xd-theme/js/libs/modernizr-3.6.0.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 2266
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=52185
etag: "1445-5bf741eeb7fcb-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 11:48:05 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 123 KB
40 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCVe0my2llx6AMJ-sI6JKIzpTnJOoLthwI&callback=initMap

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3bd7a27d15c429e9f53fa4df1268ec7229b1103c5ee81d980ad55f1868425bb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=20
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41283
x-xss-protection: 0
expires: Mon, 03 May 2021 21:48:20 GMT

GET
H2 200 wp-embed.min.js Show response
covid.hilton.com/wp-includes/js/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-includes/js/wp-embed.min.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-rs-server: gla-us-3
content-length: 765
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 22:57:07 GMT
server: Apache
x-frame-options: sameorigin
date: Mon, 03 May 2021 21:18:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=52095
etag: "592-5ba76819cd6c0-gzip"
accept-ranges: bytes
expires: Tue, 04 May 2021 11:46:35 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 20ms
6ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hku7kky&ht=tk&f=139&a=428416&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hku7kky.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1620076700435
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1620076700435

5 KB
3 KB

38ms
38ms

XHR
application/json

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1620076700435

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

87ac9a2a993f8bcd1a7cd91efb4cdc24597a4848297b8f19db2689717812dc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0e90f2957.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: id5Px0LaQJg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://covid.hilton.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1714
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-07d1da54e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://covid.hilton.com
X-TID: 2tAsmAzJQjA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1620076700435
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXf0af6e94ce954047bb20d4d4960e43c2-libraryCode_source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/4ffdbda4d3ba/ 40 KB
15 KB 8ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/4ffdbda4d3ba/EXf0af6e94ce954047bb20d4d4960e43c2-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 16d6cfea734ce7d8398b2862a7caf77bf7269821960d4e46f561bcf49254f463

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 17:05:44 GMT
server: AkamaiNetStorage
etag: "ac0ec65af198e4c80e09fd9564f31ebc:1619802344.895063"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://covid.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 15017
expires: Mon, 03 May 2021 22:18:20 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://covid.hilton.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Mon, 03 May 2021 22:18:20 GMT

GET
H2 200 ProximaNova-SemiBold.woff2
covid.hilton.com/wp-content/themes/xd-theme/dist/fonts/proxima-nova/ProximaNova-SemiBold/ 20 KB
20 KB 123ms
123ms Font
text/plain 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/dist/fonts/proxima-nova/ProximaNova-SemiBold/ProximaNova-SemiBold.woff2

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e07a6b852fe9c45ee8038d53486a3a40c1e824c32d28a34cc91f0f287a5ee9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://covid.hilton.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
:path: /wp-content/themes/xd-theme/dist/fonts/proxima-nova/ProximaNova-SemiBold/ProximaNova-SemiBold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: covid.hilton.com
referer: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://covid.hilton.com
Referer: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
x-rs-server: gla-us-3
etag: "4fb0-5bf741eeb126a"
x-frame-options: sameorigin
cache-control: max-age=845233
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 20400
x-xss-protection: 1; mode=block
server: Apache
expires: Thu, 13 May 2021 16:05:33 GMT

GET
H2 200 ProximaNova-Regular.woff
covid.hilton.com/wp-content/themes/xd-theme/dist/fonts/proxima-nova/ProximaNova-Regular/ 24 KB
24 KB 131ms
130ms Font
application/font-woff 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/xd-theme/dist/fonts/proxima-nova/ProximaNova-Regular/ProximaNova-Regular.woff

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3db577869cbe9e2e300e6575965aa1c63ae1054fbbd66aa166c8efb04d5c706f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://covid.hilton.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
:path: /wp-content/themes/xd-theme/dist/fonts/proxima-nova/ProximaNova-Regular/ProximaNova-Regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: covid.hilton.com
referer: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://covid.hilton.com
Referer: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 11:12:19 GMT
x-rs-server: gla-us-3
etag: "5e6c-5bf741eeb126a"
x-frame-options: sameorigin
content-type: application/font-woff
cache-control: max-age=118427
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 24172
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 06:12:07 GMT

GET
H2 200 loew-heavy-webfont.woff2
covid.hilton.com/wp-content/themes/covidhub-theme/dist/fonts/loew/Loew-Heavy/ 39 KB
39 KB 138ms
136ms Font
text/plain 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/fonts/loew/Loew-Heavy/loew-heavy-webfont.woff2

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

08263a065b8d080bc96b991d6e1a94693806014097e977740a78de7d638b17fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://covid.hilton.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0
:path: /wp-content/themes/covidhub-theme/dist/fonts/loew/Loew-Heavy/loew-heavy-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: covid.hilton.com
referer: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://covid.hilton.com
Referer: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 12:31:02 GMT
x-rs-server: gla-us-3
etag: "9ba4-5af4535192d80"
x-frame-options: sameorigin
cache-control: max-age=123457
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 39844
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 07:35:57 GMT

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 17ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: covid.hilton.com
URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

Origin: https://covid.hilton.com
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34344

GET
H2 200 icomoon.woff2
i.icomoon.io/public/a6f3eea267/XDTheme/ 45 KB
46 KB 464ms
154ms Font
font/woff2 54.193.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.icomoon.io/public/a6f3eea267/XDTheme/icomoon.woff2?386aut
Requested by: Host: i.icomoon.io
URL: https://i.icomoon.io/public/a6f3eea267/XDTheme/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.7.186 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-7-186.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0e5a354931a7e3064e75faedeafc2f9dc580b7e2eb9795a27ae430574f640854

Request headers

Origin: https://covid.hilton.com
Referer: https://i.icomoon.io/public/a6f3eea267/XDTheme/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
last-modified: Mon, 12 Apr 2021 12:57:32 GMT
server: nginx
etag: "607443bc-b5c0"
content-type: font/woff2
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 46528

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 107ms
48ms Script
text/javascript 65.9.84.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1aa325d5f0ebba8af1dcc9ac33d766d8edc38ec009543aeaaa65932f9b7b2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: FR
content-length: 3517
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
cache-control: max-age=3600
cloudfront-viewer-country-region: IDF
x-amz-cf-id: X9AIVcDVydM91kVM5wQhi7aiR6nF7dl-4RFzpiQPdvh06oK9VT--lQ==
expires: Mon, 03 May 2021 22:18:20 GMT

GET
H2 200 adchoices.svg
covid.hilton.com/wp-content/plugins/d3-policy-updater//styles/ 2 KB
2 KB 104ms
104ms Image
image/svg+xml 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid.hilton.com/wp-content/plugins/d3-policy-updater//styles/adchoices.svg

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

59d0a96ba9775379655668663212cb0b9967f641858e4da0713a03d14900246e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/d3-policy-updater//styles/adchoices.svg
pragma: no-cache
cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CvVersion%7C5.2.0; forterToken=facf75f4c6d54591a88a57ced9fd8b9f_1620076700629___9ck
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: covid.hilton.com
referer: https://covid.hilton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Oct 2020 14:57:55 GMT
x-rs-server: gla-us-3
etag: "80b-5b115f0be82c0"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: max-age=53932
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 2059
x-xss-protection: 1; mode=block
server: Apache
expires: Tue, 04 May 2021 12:17:12 GMT

GET
H2 200 script.js Show response
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/ 117 KB
43 KB 97ms
36ms Script
application/javascript 54.230.183.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.183.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-72.ham50.r.cloudfront.net

Software

Resource Hash

bbdd2d949277274cd5c44236484aab5740dfec2c1be5e0f752756e62da040a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 11:52:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 2453134
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 05 Apr 2021 11:52:46 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/61021731319
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
via: 1.1 425ccbcb040dd779e5f3bdc76b6d8ff9.cloudfront.net (CloudFront)
cache-control: private, max-age=300
x-amz-cf-pop: HAM50-C3
timing-allow-origin: *
x-amz-cf-id: lKkR45pzs0tGOm_UQu8MhjidhkSFPJfapaDXs5Q88TOjJdJ0a4-CwA==
expires: Mon, 05 Apr 2021 11:57:46 GMT

GET
H/1.1 200
OK dest5.html Show response
hilton.demdex.net/ Frame C62B 7 KB
3 KB 136ms
34ms Document
text/html 54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hilton.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: hilton.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://covid.hilton.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=56063864245999558502552290808866379196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://covid.hilton.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 3 May 2021 21:18:20 GMT
DCS: dcs-prod-irl1-1-v005-0d1926cfb.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 22 Apr 2021 14:22:49 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: t62beFtrTCI=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetric.hilton.com/ 48 B
513 B 50ms
16ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&mid=56039617056800585652549927112770348275&ts=1620076700713

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

7df141b887f0a0443fb6d31dc8c48afe0afaaac56528038a50d1b46c2ff87fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-76898875b9-kwdhr
vary: Origin
x-c: main-1461.Id0ac08.M0-490
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://covid.hilton.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YJBonAAAALemYCkN
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=56063864245999558502552290808866379196
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJBonAAAALemYCkN

42 B
975 B

39ms
39ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJBonAAAALemYCkN

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-02a349794.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kQwu0eWVTH4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJBonAAAALemYCkN
Date: Mon, 03 May 2021 21:18:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
723 B 115ms
35ms Script
text/javascript 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=2013561&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=3161314651214

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/4ffdbda4d3ba/EXf0af6e94ce954047bb20d4d4960e43c2-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ProximaNova-SemiBold.woff2
covid.hilton.com/wp-content/themes/covidhub-theme/dist/fonts/proxima-nova/ProximaNova-SemiBold/ 20 KB
20 KB 11ms
11ms Font
text/plain 2a02:26f0:120::5435:8c68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/fonts/proxima-nova/ProximaNova-SemiBold/ProximaNova-SemiBold.woff2

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:120::5435:8c68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e07a6b852fe9c45ee8038d53486a3a40c1e824c32d28a34cc91f0f287a5ee9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://covid.hilton.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: forterToken=facf75f4c6d54591a88a57ced9fd8b9f_1620076700629___9ck; AMCVS_F0C120B3534685700A490D45%40AdobeOrg=1; AMCV_F0C120B3534685700A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18751%7CMCMID%7C56039617056800585652549927112770348275%7CMCAAMLH-1620681500%7C6%7CMCAAMB-1620681500%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1620083900s%7CNONE%7CvVersion%7C5.2.0; s_ecid=MCMID%7C56039617056800585652549927112770348275; s_dfa=hiltonglobalprod
:path: /wp-content/themes/covidhub-theme/dist/fonts/proxima-nova/ProximaNova-SemiBold/ProximaNova-SemiBold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: covid.hilton.com
referer: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://covid.hilton.com
Referer: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 12:31:02 GMT
x-rs-server: gla-us-3
etag: "4fb0-5af4535192d80"
x-frame-options: sameorigin
cache-control: max-age=118288
date: Mon, 03 May 2021 21:18:20 GMT
accept-ranges: bytes
content-length: 20400
x-xss-protection: 1; mode=block
server: Apache
expires: Wed, 05 May 2021 06:09:48 GMT

GET
H2 200 v1.7-1745 Show response
consent.trustarc.com/asset/notice.js/v/ 70 KB
23 KB 91ms
33ms Script
text/javascript 65.9.84.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1745
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8952ccc09c989c9864dc4d80fc2ff261a1aec5ce7e02ad9bfe4d0c71b51928a0

Request headers

Origin: https://covid.hilton.com
Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 20:58:34 GMT
content-encoding: gzip
age: 1186
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Thu, 29 Apr 2021 01:48:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: LKqTxtiHb0xp9kDYnl2kVU1fcRvnWPqoweTvPSSdmwvNYuXzc8xWYQ==
expires: Wed, 02 Jun 2021 20:58:34 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
383 B 50ms
50ms Image
image/gif 65.9.84.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=hiltongdpr.com&country=fr&state=&behavior=expressed&c=9bfc
Requested by: Host: covid.hilton.com
URL: https://covid.hilton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:20 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: i7cPFG_RFO3GhNZZzX_hHYbrdRWVW5QOv7rph7ZX76hIK8985xovUg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=164970403775001211031
dpm.demdex.net/ Frame C62B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=56063864245999558502552290808866379196
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164970403775001211031

42 B
975 B

39ms
38ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=164970403775001211031

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0b6b2a50a.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ekkUlSUoS9Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:20 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=164970403775001211031
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 s79006297800776 Show response
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LBRU/ 6 KB
6 KB 43ms
43ms Script
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LBRU/s79006297800776?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F4%2F2021%2023%3A18%3A20%201%20-120&d.&nsid=0&jsonv=1&.d&mid=56039617056800585652549927112770348275&aamlh=6&ce=UTF-8&pageName=hilton-s-covid-19-response-amp-policies-hotels-by-hilton%3Ahomepage&g=https%3A%2F%2Fcovid.hilton.com%2F&cc=USD&ch=homepage&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=D%3Dv16&c3=en&c4=Logged-out&c6=images%2Ctext&c8=hilton-s-covid-19-response-amp-policies-hotels-by-hilton&c9=homepage&v10=%2B1&c13=https%3A%2F%2Fcovid.hilton.com%2F&c14=Hilton%E2%80%99s%20COVID-19%20Response%20%26%20Policies%20%7C%20Hotels%20by%20Hilton&c15=D&c16=C&v20=D%3Dv16&c24=covid.hilton.com&v24=en&v25=Logged-out&v27=hilton-s-covid-19-response-amp-policies-hotels-by-hilton%3Ahomepage&c28=D%3Dv9&c35=old%20hilton&c37=en&c39=homepage&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&v49=C&v56=DFA-0-0-0-0-0-0-0-0&v83=Site%20on%20Mobile%20Device%20%28Phone%2FTablet%29&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fcovid.hilton.com%2F&v175=05%2F03%2F2021&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/4ffdbda4d3ba/EXf0af6e94ce954047bb20d4d4960e43c2-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

58e42948452ea55ea4aee8d306baf470cd209d24190e16687b245dcde8e76c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: HlPO5DtWTtw=
date: Mon, 03 May 2021 21:18:20 GMT
x-content-type-options: nosniff
x-c: main-1461.Id0ac08.M0-490
p3p: CP="This is not a P3P policy"
vary: *
content-length: 5698
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v005-039fc829c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
pragma: no-cache
last-modified: Tue, 04 May 2021 21:18:20 GMT
server: jag
xserver: anedge-76898875b9-4xxqq
etag: 3479088222335238144-4621991049538203757
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 02 May 2021 21:18:20 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame C62B 44 B
362 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,19977322&noscript=1

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 03 May 2021 21:18:20 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 7F04 5 KB
2 KB 90ms
32ms Document
text/html 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://covid.hilton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://covid.hilton.com/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 03 May 2021 06:00:33 GMT
server: nginx
etag: W/"5147-1618561290000"
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: FxWTrHjQ6XynnW4Gp9x4IVxkr06kjcy2CuczzHnMkJGuH9x0agIi_Q==
age: 55068

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
505 B 52ms
52ms Image
image/gif 65.9.84.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=fr&language=en&rand=0.6673305801525555

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:20 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: FR
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
cloudfront-viewer-country-region: IDF
x-amz-cf-id: 3iweuszgnNLdAN9vWBnh48IGnx8XtLMKv6izWjiaQ0AY5QTUTgv5vw==
expires: Mon, 03 May 2021 22:18:20 GMT

POST
H2 200 events
cdn3.forter.com/ 0
241 B 281ms
93ms Ping
text/plain 34.202.81.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.81.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-81-13.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:21 GMT
vary: Origin
access-control-allow-origin: https://covid.hilton.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=7118da9952858cacd126052debc310e15e102de4f3e0be398033eb31da548606b0da87c991749652
dpm.demdex.net/ Frame C62B
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=56063864245999558502552290808866379196
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTYwNjM4NjQyNDU5OTk1NTg1MDI1NTIyOTA4MDg4NjYzNzkxOTYQABoNCJ3RwYQGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=7118da9952858cacd126052debc310e15e102de4f3e0be398033eb31da548606b0da87c991749652

42 B
975 B

38ms
38ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=7118da9952858cacd126052debc310e15e102de4f3e0be398033eb31da548606b0da87c991749652

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-07d1da54e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: c5h7RJAQSaw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 03 May 2021 21:18:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=7118da9952858cacd126052debc310e15e102de4f3e0be398033eb31da548606b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

POST
H2 200 events
cdn3.forter.com/ 0
240 B 234ms
94ms Ping
text/plain 34.202.81.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.81.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-81-13.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:21 GMT
vary: Origin
access-control-allow-origin: https://covid.hilton.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

GET
H2

200

28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def048d4a572 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def048d4a572

0
323 B

128ms
127ms

XHR
text/plain

54.192.210.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def048d4a572

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-21.ham50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: CJv5rbidTK8vNildVudoW04NLnVlJR_TH0DgPaX29iXMxyY8SxVdrQ==

Redirect headers

date: Mon, 03 May 2021 21:18:21 GMT
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
location: https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def048d4a572
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: SimMpTd-AzZlVTDSGqNgeyJ4Mm-i3FSUHnykg9bxto3txNUHgrHmNg==

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 5 KB
2 KB 46ms
46ms Script
application/javascript 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 038f25dc1d79521cf797f505812cd4aa3b301292dda0c33b6e6d62c368008fc7

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:21:48 GMT
server: nginx
x-amz-cf-pop: AMS1-C1
etag: W/"4867-1618561308000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: qqaiOWVWeZSpzGVMsw1931q6KC1MBvRbkjUPnI-wmfgGXKpNK3R-nw==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Mon, 03 May 2021 21:18:20 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 7F04 20 KB
5 KB 93ms
30ms Script
text/javascript 52.222.183.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-88.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 30 Apr 2021 04:44:19 GMT
content-encoding: gzip
server: nginx
age: 318842
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C1
timing-allow-origin: *
x-amz-cf-id: EPxL2qPNpTyJhOoGc_KToupbZvF64GYAV_KsuJYccXmhjrr8UHWF8Q==
via: 1.1 3bfd04a794dcee9eaf362ae07e8fbe20.cloudfront.net (CloudFront)
expires: Sun, 30 May 2021 04:44:19 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 7F04 3 KB
3 KB 29ms
28ms Image
image/gif 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:52 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
server: nginx
age: 55349
etag: W/"2608-1618561290000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: mUzIu6scODoxUBeQlwgdT_ll_Pl_ORHcqljCDJcR7T2K2FmRb1nzhw==

GET
H2 200 67B873F492AD87C25B322202223D7A22.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 6458 140 KB
46 KB 33ms
33ms Document
text/html 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 636435d9e1b631536ba8fbd41b01b1d75246eafc97e68a4fad7585f09409d596

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 03 May 2021 05:55:52 GMT
server: nginx
etag: W/"143674-1618561308000"
last-modified: Fri, 16 Apr 2021 08:21:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: CxR--8WcvLcYsE8PNySpNDBftjHziUsp2tiNs7OEWb1U3OP71Q59qA==
age: 55349

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=2304448594098764619
dpm.demdex.net/ Frame C62B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2304448594098764619

42 B
975 B

41ms
40ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=2304448594098764619

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0b6b2a50a.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lh+WMBpqRVc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 21:18:21 GMT
X-Proxy-Origin: 84.17.43.134; 84.17.43.134; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid: 803cf90b-e660-4708-a058-edb443942dd0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=2304448594098764619
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 969 B
823 B 46ms
46ms XHR
application/json 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 67B873F492AD87C25B322202223D7A22
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 465
x-xss-protection: 1; mode=block
x-amz-cf-id: hgj5uhF51_gqEnbIQHpF5dz4e_-Xpo_Zdzi1lWdv2L4Yl2XUr_g6VA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 48 B
389 B 45ms
45ms XHR
application/json 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

64e07ac59e021e72b359c0e2527a87e7eef99bf922fcd3cbae25b3495c2a25de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 67B873F492AD87C25B322202223D7A22
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: sS90HvZ2KDhDme0ouIiE2r_dRroCtJ--I7Up9tnHyxF-7JvCzMZwYw==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 7F04 27 KB
7 KB 64ms
63ms Stylesheet
text/css 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
server: nginx
x-amz-cf-pop: AMS1-C1
etag: W/"27745-1618561290000"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 8gmxBQ6frXo_9E_M4mwE6wWZgxlic-NAua0r05AwfnDp748z3Y56jg==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Mon, 03 May 2021 21:18:20 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/ Frame 7F04 242 KB
84 KB 29ms
29ms XHR
application/javascript 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/10.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:52 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:21:48 GMT
server: nginx
age: 55349
etag: W/"248272-1618561308000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: QqOrIJv_uvGmoTy4QYCK70i9RUz1kyhVrqjU2_0cGxI00z4QgZl1EQ==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3440017422702110216
dpm.demdex.net/ Frame C62B
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3440017422702110216

42 B
975 B

37ms
37ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3440017422702110216

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-08a1d9f96.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0xqtWbeaQas=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3440017422702110216
pragma: no-cache
date: Mon, 03 May 2021 21:18:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/ Frame 7F04 19 KB
8 KB 28ms
27ms XHR
application/javascript 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/1.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:52 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:21:48 GMT
server: nginx
age: 55349
etag: W/"19413-1618561308000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: PIx7l5D4C7vxGTcjkTkfOSVFTwHrhC3gdiF5aJfwhDN9xPIeaAkUYg==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame D7AB 5 KB
2 KB 282ms
93ms Document
text/html 3.232.192.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: covid.hilton.com
URL: https://covid.hilton.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.192.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method: GET
:authority: prefmgr-cookie.truste-svc.net
:scheme: https
:path: /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://consent-pref.trustarc.com/

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 843 B
734 B 52ms
51ms XHR
application/json 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0386f5001db6dd8f08c1c8cd19fe0cc5f8eb71f0ac821b414406ad4ce4e983b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 67B873F492AD87C25B322202223D7A22
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 376
x-xss-protection: 1; mode=block
x-amz-cf-id: awcKwxAiUb9V0eoSOldi0pj8pXWxHhYR0iqy2ym-bbEIKiH3HDtx4g==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 14 KB
4 KB 50ms
50ms XHR
application/json 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a27b299607fb77d24645e2207c25f6483277605d96543c8d0134c7bcc6b82cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 67B873F492AD87C25B322202223D7A22
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 4074
x-xss-protection: 1; mode=block
x-amz-cf-id: nu5NcmHFferr3Gc1FLb7prZC0lSQqv-t0PJQrmNn_iRFD8vDCQvJCA==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEIxgYIYR7__CcR0HA6fM2xM&google_cver=1
dpm.demdex.net/ Frame C62B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTYwNjM4NjQyNDU5OTk1NTg1MDI1NTIyOTA4MDg4NjYzNzkxOTY=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIxgYIYR7__CcR0HA6fM2xM&google_cver=1?gdpr=0&gdpr_consent=

42 B
975 B

46ms
46ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIxgYIYR7__CcR0HA6fM2xM&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0353c8187.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Fexj/+ykSL4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIxgYIYR7__CcR0HA6fM2xM&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 7F04 4 KB
4 KB 28ms
28ms Image
image/png 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:53 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
server: nginx
age: 55348
etag: W/"4197-1618561290000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: 2rlNQUfH1l6H3ab30tgLcT8vcFBuXQt3S0wFjxlY0ZyEl3qW1LThhA==

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=aWKLUWlqiwVyZYBTOjGfWWphigRyMItQbGpxUfR1
dpm.demdex.net/ Frame C62B
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aWKLUWlqiwVyZYBTOjGfWWphigRyMItQbGpxUfR1

42 B
975 B

70ms
37ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aWKLUWlqiwVyZYBTOjGfWWphigRyMItQbGpxUfR1

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-09a759ea6.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ixz0XQGgSBk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aWKLUWlqiwVyZYBTOjGfWWphigRyMItQbGpxUfR1
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
mpp.vindicosuite.com/sync/ Frame C62B 0
276 B 163ms
112ms Image
text/plain 35.186.236.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mpp.vindicosuite.com/sync/?pid=27&fr=1
Requested by: Host: covid.hilton.com
URL: https://covid.hilton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.236.186.35.bc.googleusercontent.com
Software: ee2d5e08078cb640588ad60c1400dd319af22492be28c0a4480b033de6b3114a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:21 GMT
via: 1.1 google
server: ee2d5e08078cb640588ad60c1400dd319af22492be28c0a4480b033de6b3114a
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
access-control-allow-origin: *
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
alt-svc: clear
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 200
OK prop.json
facf75f4c6d54591a88a57ced9fd8b9f-4dc2aa82bc5e.cdn.forter.com/ 2 B
624 B 324ms
96ms Ping
application/json 54.158.164.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://facf75f4c6d54591a88a57ced9fd8b9f-4dc2aa82bc5e.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.158.164.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-164-13.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 21:18:21 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Tue, 22 Dec 2020 12:06:57 GMT
Server: Apache
ETag: "2-5b70c69475942"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://covid.hilton.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=2888A2F6C2CE6A860C80B2DAC31C6B82
dpm.demdex.net/ Frame C62B
Redirect Chain

https://c.bing.com/c.gif?uid=56063864245999558502552290808866379196&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2888A2F6C2CE6A860C80B2DAC31C6B82

42 B
975 B

38ms
37ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2888A2F6C2CE6A860C80B2DAC31C6B82

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0522813b1.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rk1/tV2oQqA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:21 GMT
x-msedge-ref: Ref A: 2C2FBBA16A6F4B60BF9DE922AD6E4A67 Ref B: FRAEDGE1317 Ref C: 2021-05-03T21:18:21Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2888A2F6C2CE6A860C80B2DAC31C6B82
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=4871166BCE0C7D&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame C62B
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=4871166BCE0C7D&gdpr=0&gdpr_consent=

42 B
975 B

39ms
38ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=4871166BCE0C7D&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-02d3ecb1f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: H4xLxZ4bRqE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 21:18:21 GMT
Server: prod-xre-app48.frk11
X-HW: 1620076701.dop001.pa1.t,1620076701.cds031.pa1.shn,1620076701.dop001.pa1.t,1620076701.cds204.pa1.sc,1620076701.cds204.pa1.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=4871166BCE0C7D&gdpr=0&gdpr_consent=
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame C62B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=56063864245999558502552290808866379196&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=56063864245999558502552290808866379196&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
989 B

38ms
37ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0a032e102.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: LZ0LtV0PSPQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:22 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 649c857c2dee2c26-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5b1c19900002c26d9076000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/ Frame 7F04 39 KB
13 KB 29ms
28ms XHR
application/javascript 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/4.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b0f77080bf5e1eab5dc36b6cb1bf723099b68ed7ca000f26bd6bcf7ae23765c4

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:53 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 08:21:48 GMT
server: nginx
age: 55348
etag: W/"39569-1618561308000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: YR6pg1chPwXGFIYcoBUtn-QFsRiNXhDZJlzhyMsdtmpXcWLM86_zwQ==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 4010 2 KB
1 KB 28ms
28ms Document
text/html 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /cookie_inneriframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://prefmgr-cookie.truste-svc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 03 May 2021 05:55:52 GMT
server: nginx
etag: W/"2008-1618561290000"
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: AuamDekVExWGZeSptR33UuqQwIOHieLkG7wRNKsbz3wlx3EXRY7a6A==
age: 55349

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 7F04 3 KB
3 KB 28ms
28ms Image
image/gif 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: covid.hilton.com
URL: https://covid.hilton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:52 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
server: nginx
age: 55349
etag: W/"2608-1618561290000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: kBwmCf7SulMSNvu3rrAg1GobiKgrXv4Vkd6orNNrV9k23W9ssUehDg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 2 KB
1 KB 48ms
48ms XHR
application/json 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ef214e34c099b38edae7db60ba3da7e249c90aae13342ef1d3c178b134eb1a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 67B873F492AD87C25B322202223D7A22
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 03 May 2021 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 717
x-xss-protection: 1; mode=block
x-amz-cf-id: I6pWIRTD3ohR-NN3X7o4BeHziEjj5owIVPCbRoFlKH24p0qrPQMZ5Q==

GET
H2 200 get
consent.trustarc.com/ Frame 7F04 7 KB
7 KB 43ms
42ms Image
image/png 65.9.84.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 21:06:49 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server: nginx
age: 692
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
content-length: 7323
x-amz-cf-id: _R0BW8Kohr3kNweGj2P9UHw8qBFKxgEQAW21NpPcpHLJAI-7DJVZag==
expires: Wed, 02 Jun 2021 21:06:49 GMT

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=3014775342227
dpm.demdex.net/ Frame C62B
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=877163242&t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014775342227

42 B
975 B

39ms
38ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014775342227

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-063fc6c9c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fNfN0ogvSqA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014775342227
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7F04 817 KB
140 KB 131ms
130ms XHR
application/json 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b889cdc2839838e6af1db4a5a6cec6564ac7fbda8913f6559c2e4f258eb8c8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 67B873F492AD87C25B322202223D7A22
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 03 May 2021 21:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 142743
x-xss-protection: 1; mode=block
x-amz-cf-id: 2ssq_bruT8KvKcjYttMiL8MguJwmxb0DDPmPSWiuTvA25cYKQN_UQw==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame 7F04 2 KB
2 KB 28ms
28ms Image
image/gif 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:52 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
server: nginx
age: 55350
etag: W/"1737-1618561290000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: uuyJOYonsradFEkkJQeNpNe4odZOyoXARLSnkzL8xuG9_amrGIZENg==

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame C62B
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=56063864245999558502552290808866379196&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-nbx_uYZE2pFnqo_w04g_5HlZH1D24N1GII0-~A

42 B
975 B

47ms
46ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-nbx_uYZE2pFnqo_w04g_5HlZH1D24N1GII0-~A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0835a9c1f.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Q9FRyaGQScE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 03 May 2021 21:18:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-nbx_uYZE2pFnqo_w04g_5HlZH1D24N1GII0-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK user
bttrack.com/dmp/adobe/ Frame C62B 35 B
380 B 392ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=56063864245999558502552290808866379196
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 03 May 2021 21:17:59 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

ibs:dpid=66013&dpuuid=
dpm.demdex.net/ Frame C62B
Redirect Chain

https://get.truex.com/adobe/audience_manager/sync
https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

42 B
993 B

35ms
35ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-05e379a4d.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: cXJaIQMtQfA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 03 May 2021 21:18:22 GMT
server: Goliath
location: https://dpm.demdex.net/ibs:dpid=66013&dpuuid=
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization
content-length: 2

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 7F04 4 KB
4 KB 28ms
27ms Image
image/png 65.9.84.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:55:53 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 16 Apr 2021 08:21:30 GMT
server: nginx
age: 55349
etag: W/"4197-1618561290000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: zGvL2n-Ux9po0913KYtu5MIpyyaOs2uSG3JIS9tHTJV72LDAMAPUOA==

GET
H/1.1 200
OK CookieSyncAdobe
rtb.adentifi.com/ Frame C62B 0
88 B 386ms
96ms Image
text/plain 35.171.36.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdobe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.36.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 get
consent.trustarc.com/ Frame 7F04 310 B
651 B 27ms
27ms Image
image/svg+xml 65.9.84.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=yescheckmark.svg
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=fr&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b00537ac126a8df429c1849f3ccf4ee50eff2bf16026df7e4d5c7e6d7303a6e5

Request headers

Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 20:27:45 GMT
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
server: nginx
age: 3037
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
content-length: 310
x-amz-cf-id: uVT02JaKf-maB0RF80bzh-YEHrMMp6m-RijT9agtSzZD23gEBtpP5g==
expires: Wed, 02 Jun 2021 20:27:45 GMT

GET
H2 200 logo_small.gif
df45ay5pw60dy.cloudfront.net/ 43 B
384 B 55ms
15ms Image
image/gif 2600:9000:2070:8e00:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_small.gif?check=1620076702622&popunder=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:8e00:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 21:51:18 GMT
via: 1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
server: AmazonS3
age: 430025
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 8URYMk3BkzK3HnPnQBnJ4Zl0EAZrcSS3t5FkG7RPmALrZi7C4l8fDA==

GET
H2 200 logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 43 B
384 B 54ms
15ms Image
image/gif 2600:9000:2070:8e00:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1620076702622&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:8e00:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 02:01:11 GMT
via: 1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
server: AmazonS3
age: 1291092
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 43
x-amz-cf-id: FNhyGOZ0jIMe2M4MxjPamBr13-LqK6e_R7ExAVpOPC8XOnsOeDQJow==

GET
H2 200 logo_large.gif
df45ay5pw60dy.cloudfront.net/ 43 B
384 B 54ms
15ms Image
image/gif 2600:9000:2070:8e00:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1620076702622&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:8e00:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 22:05:52 GMT
via: 1.1 67c53a3f025013bfb9704050f9d1933a.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
server: AmazonS3
age: 1206751
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 94Tn0R_eBVqFGldR9xZGahX8wEU3fxJ_I6y34xXEWcUSyYaIFYEUuQ==

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=db63969ceb95e7b99effd837771a5e4d
dpm.demdex.net/ Frame C62B
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=56063864245999558502552290808866379196?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=56063864245999558502552290808866379196?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=db63969ceb95e7b99effd837771a5e4d

42 B
975 B

39ms
39ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=db63969ceb95e7b99effd837771a5e4d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0353c8187.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NIorNifdQBw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:22 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=db63969ceb95e7b99effd837771a5e4d
cache-control: no-cache
x-server: 10.45.18.194
content-length: 0
expires: 0

GET
H/1.1

200
OK

ibs:dpid=70027&dpuuid=4957988205880716540
dpm.demdex.net/ Frame C62B
Redirect Chain

https://pix-us.revjet.com/idsync/adobe/1?aam_id=56063864245999558502552290808866379196&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4957988205880716540

42 B
975 B

44ms
44ms

Image
image/gif

54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4957988205880716540

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-07d1da54e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wJtxqe7GTXY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:22 GMT
access-control-allow-methods: GET, POST, OPTIONS
location: https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4957988205880716540
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUpCb25BQUFBTGVtWUNrTg==

170 B
188 B

94ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUpCb25BQUFBTGVtWUNrTg==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620076703.911342,VS0,VE0
x-served-by: cache-hhn4030-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUpCb25BQUFBTGVtWUNrTg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJBonAAAALemYCkN&expires=90

0
239 B

100ms
25ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJBonAAAALemYCkN&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620076703.960663,VS0,VE0
x-served-by: cache-hhn4030-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YJBonAAAALemYCkN&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJBonAAAALemYCkN
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJBonAAAALemYCkN&C=1

43 B
1003 B

40ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJBonAAAALemYCkN&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 21:18:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 21:18:23 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 21:18:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YJBonAAAALemYCkN&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Mon, 03 May 2021 21:18:23 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YJBonAAAALemYCkN

43 B
1 KB

25ms
25ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YJBonAAAALemYCkN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 21:18:23 GMT
X-Proxy-Origin: 84.17.43.134; 84.17.43.134; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.74:80
AN-X-Request-Uuid: 935dc6a3-5729-4641-afdb-d1d9f417e97e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620076703.178137,VS0,VE0
x-served-by: cache-hhn4030-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YJBonAAAALemYCkN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJBonAAAALemYCkN
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJBonAAAALemYCkN

43 B
180 B

41ms
40ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJBonAAAALemYCkN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:23 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YJBonAAAALemYCkN
date: Mon, 03 May 2021 21:18:23 GMT
via: 1.1 google
server: OXGW/16.206.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJBonAAAALemYCkN

1 B
809 B

111ms
27ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJBonAAAALemYCkN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 21:18:23 GMT
X-lat: lhrpug018:0:407
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620076703.363405,VS0,VE0
x-served-by: cache-hhn4030-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJBonAAAALemYCkN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJBonAAAALemYCkN&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJBonAAAALemYCkN&img=1&__user_check__=1&sync_id=17c2a9fe-ac55-11eb-a394-1ce730eb0406

43 B
548 B

29ms
29ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YJBonAAAALemYCkN&img=1&__user_check__=1&sync_id=17c2a9fe-ac55-11eb-a394-1ce730eb0406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 21:18:23 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 89
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 03 May 2021 21:18:23 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YJBonAAAALemYCkN&img=1&__user_check__=1&sync_id=17c2a9fe-ac55-11eb-a394-1ce730eb0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

b.php
www.facebook.com/fr/ Frame C62B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJBonAAAALemYCkN&t=2592000&o=0

43 B
69 B

32ms
32ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJBonAAAALemYCkN&t=2592000&o=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 14:18:23 PDT
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: qCSbO0x0z5gLIss91s/NHn1pLFgMTBSLRe2rcBDvTIM4CJBTk42l4miHvj8XqK3okHRTivkSo8xCfstQjVl7Qg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 03 May 2021 14:18:23 PDT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620076704.564829,VS0,VE0
x-served-by: cache-hhn4030-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YJBonAAAALemYCkN&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def04dd4a478 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def04dd4a478

0
322 B

137ms
136ms

XHR
text/plain

54.192.210.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def04dd4a478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-21.ham50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:24 GMT
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: N6zt981bl-SbRrKBNbYf2eEseuWLojLv7k4hqO_gBQnap4KCKBbYsQ==

Redirect headers

date: Mon, 03 May 2021 21:18:24 GMT
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
location: https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def04dd4a478
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 0tAtSQ_WXNEiwZbcXlJVwuH9jPJQuGLYzNXgO6aDTWrjpVXLCQQW9w==

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8b/ 75 KB
28 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8b/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCVe0my2llx6AMJ-sI6JKIzpTnJOoLthwI&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2410c054eebf410d7a9b10f695ea6c1fbd25812ff7bbdc23cf47b25d4b74d2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 20:22:44 GMT
server: sffe
age: 596591
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28232
x-xss-protection: 0
expires: Tue, 26 Apr 2022 23:35:14 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8b/ 145 KB
54 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8b/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCVe0my2llx6AMJ-sI6JKIzpTnJOoLthwI&callback=initMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beb3001ee57a4f4729d1ec1925fe4db157c0a88e995f99c335a4709da04cd264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 20:22:44 GMT
server: sffe
age: 340653
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55019
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:40:52 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 233 B
214 B 38ms
25ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcovid.hilton.com%2F&4sAIzaSyCVe0my2llx6AMJ-sI6JKIzpTnJOoLthwI&callback=_xdc_._6cswg8&key=AIzaSyCVe0my2llx6AMJ-sI6JKIzpTnJOoLthwI&token=30775

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/43/8b/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

f9a7bd809780d47c3ff869bbaa359894581d7aba56c6c540138f49d3524f4252

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:25 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=11
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events
cdn3.forter.com/ 0
240 B 104ms
104ms Ping
text/plain 34.202.81.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.81.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-81-13.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 03 May 2021 21:18:29 GMT
vary: Origin
access-control-allow-origin: https://covid.hilton.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

GET
H2

200

28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def14ad4aa74 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def14ad4aa74

0
322 B

130ms
130ms

XHR
text/plain

54.192.210.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def14ad4aa74

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.210.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-210-21.ham50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covid.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:18:33 GMT
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 7W-u2Xetq2y68uwln14pFe-K7xC5NF5hUTwx9lq0gMaP92WhUf1c3Q==

Redirect headers

date: Mon, 03 May 2021 21:18:33 GMT
via: 1.1 dabb0767cb7bc0fc02f46ee84ad4dbd9.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
location: https://cdn9.forter.com/vchk2/v1/28ee09cd3b4f7a7f6e22e61f18ab0fbea1bb965a2b8f1530ecef370bb796cb42ac7f4bcc631750e1def14ad4aa74
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 5SQr6JVONE4MD3rTTPyifwRe1zWC9QnDY5b_kgewunpz06dBAh7vJA==

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prefmgr-cookie.truste-svc.net/	1970-01-19 18:01:16	Name: cookie_3rdparty Value: enabled
.demdex.net/	1970-01-19 22:20:28	Name: dextp Value: 21-1-1620076700870\|60-1-1620076701028\|358-1-1620076701129\|470-1-1620076701232\|771-1-1620076701335\|1175-1-1620076701447\|20-1-1620076701547
.hilton.com/	1970-01-19 18:01:21	Name: ftr_blst_1h Value: 1620076701047
.hilton.com/	1970-01-19 18:01:18	Name: gpv_v9 Value: hilton-s-covid-19-response-amp-policies-hotels-by-hilton%3Ahomepage
.hilton.com/	1970-01-21 13:49:16	Name: ftr_ncd Value: 6
.covid.hilton.com/	1970-01-19 18:44:28	Name: aam_uuid Value: 56063864245999558502552290808866379196
.hilton.com/	1970-01-21 13:49:16	Name: forterToken Value: facf75f4c6d54591a88a57ced9fd8b9f_1620076700629__UDF43_9ck
.covid.hilton.com/	1970-01-19 18:44:28	Name: TMS Value: web%3D17836315%2Cweb%3D14342019%2CWeb-app%3D19485237%2Cweb-app%3D15300019%2Cweb-app%3D21881915
.hilton.com/	1970-01-20 11:32:28	Name: AMCV_F0C120B3534685700A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18751%7CMCMID%7C56039617056800585652549927112770348275%7CMCAAMLH-1620681500%7C6%7CMCAAMB-1620681500%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1620083900s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18758%7CvVersion%7C5.2.0
.hilton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.hilton.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.hilton.com/	1970-01-19 18:01:18	Name: s_dfa Value: hiltonglobalprod
.demdex.net/	1970-01-19 22:20:28	Name: demdex Value: 56063864245999558502552290808866379196
.hilton.com/	1970-01-20 11:32:28	Name: s_ecid Value: MCMID%7C56039617056800585652549927112770348275
.hilton.com/	1969-12-31 23:59:59	Name: AMCVS_F0C120B3534685700A490D45%40AdobeOrg Value: 1

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://covid.hilton.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	(Line 2) Message: TrustArc Global Fired
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/es6.js(Line 1) Message: null
console-api	log	URL: https://covid.hilton.com/(Line 1136) Message: XD Adobe Analytics - getAdobeOutput() function called. This is deprecated and can safely be removed from the templates. Have a nice day :)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] --c2 init--
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] timeout: 0 (number)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] captionTemplate: <span class='cp-slider__controls--current'>{{slideNum}}</span><span class='cp-slider__controls--of'>of</span><span class='cp-slider__controls--max'>{{slideCount}}</span> (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] caption: >.cp-slider__controls>.cp-slider__slide-counter (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] prev: >.cp-slider__controls>.cp-slider__controls--arrow-left (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] next: >.cp-slider__controls>.cp-slider__controls--arrow-right (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] fx: scrollHorz (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] --c2 init--
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] timeout: 0 (number)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] captionTemplate: <span class='cp-slider__controls--current'>{{slideNum}}</span><span class='cp-slider__controls--of'>of</span><span class='cp-slider__controls--max'>{{slideCount}}</span> (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] caption: >.cp-slider__controls>.cp-slider__slide-counter (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] prev: >.cp-slider__controls>.cp-slider__controls--arrow-left (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] next: >.cp-slider__controls>.cp-slider__controls--arrow-right (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] fx: scrollHorz (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] --c2 init--
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] timeout: 0 (number)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] captionTemplate: <span class='cp-slider__controls--current'>{{slideNum}}</span><span class='cp-slider__controls--of'>of</span><span class='cp-slider__controls--max'>{{slideCount}}</span> (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] caption: >.cp-slider__controls>.cp-slider__slide-counter (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] prev: >.cp-slider__controls>.cp-slider__controls--arrow-left (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] next: >.cp-slider__controls>.cp-slider__controls--arrow-right (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] fx: scrollHorz (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] --c2 init--
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] [0] target: (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] [0] linktext: (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] [0] link: (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] [0] subtitle: Our commitment starts with updating our policies, services, and processes to ensure the safest and most enjoyable experience possible. (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/plugins.min.js(Line 1) Message: [cycle2] [0] title: Committed to You (string)
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.js(Line 1) Message: checking for video masthead content
console-api	log	URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js(Line 2) Message: TypeError: Cannot read property '0' of undefined
console-api	log	URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js(Line 4) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js(Line 4) Message:
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: _button_text_modal_handler
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal--674b718bd6cee7d0fcffa636cb4ae75b
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal-face-coverings-are-now-required
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal--83f141d615831f4801d66439d6b955e3
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal-honors
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal--68028f3c20b6b434ef1dfdf842ef70d7
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal-get-to-elite-status-sooner
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal--2a26fef2a696de266363aa15b5f43ddb
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal-earn-milestone-bonuses-faster
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal--e8835ee2e0a1f52eb62c83daedab3a2b
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal-enjoy-more-flexibility-and-value-with-hilton-honors-american-express-cards
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal--2af1473290f0f8384e5417e58bc5a3ec
console-api	log	URL: https://covid.hilton.com/wp-content/themes/covidhub-theme/dist/main.min.js(Line 1) Message: modal-policy
console-api	log	URL: https://covid.hilton.com/wp-content/themes/xd-theme/dist/main.min.js(Line 1) Message: cookie not set - remove hide class
console-api	log	URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js(Line 2) Message: visitor.publishDestinations() result: The destination publishing iframe is already attached and loaded.
console-api	log	(Line 38) Message: doing run once
console-api	log	URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js(Line 4) Message:
console-api	error	URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCVe0my2llx6AMJ-sI6JKIzpTnJOoLthwI&callback=initMap(Line 69) Message: Google Maps JavaScript API error: RefererNotAllowedMapError https://developers.google.com/maps/documentation/javascript/error-messages#referer-not-allowed-map-error Your site URL to be authorized: https://covid.hilton.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4dc2aa82bc5e.cdn4.forter.com
a.tribalfusion.com
aa.agkn.com
assets.adobedtm.com
bttrack.com
c.bing.com
cdn3.forter.com
cdn9.forter.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
covid.hilton.com
d.turn.com
df45ay5pw60dy.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
facf75f4c6d54591a88a57ced9fd8b9f-4dc2aa82bc5e.cdn.forter.com
fls.doubleclick.net
get.truex.com
hilton.demdex.net
i.icomoon.io
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
maps.googleapis.com
mpp.vindicosuite.com
p.typekit.net
pix-us.revjet.com
pixel.quantserve.com
pixel.rubiconproject.com
prefmgr-cookie.truste-svc.net
rtb.adentifi.com
s.tribalfusion.com
servedby.flashtalking.com
smetric.hilton.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
us-u.openx.net
use.typekit.net
www.facebook.com
107.23.149.138
142.250.185.162
15.237.136.106
151.101.114.49
172.217.16.134
185.64.190.80
185.94.180.126
192.132.33.46
2.18.234.21
2001:678:cb4:bbbb::13
205.185.216.42
212.82.100.182
2600:9000:2070:8e00:10:f40e:dd80:21
2606:4700::6812:d05
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a02:26f0:120::5435:8c68
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00:299::1e80
2a02:26f0:6c00::210:ba2a
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.52.31
3.232.192.25
34.202.81.13
34.251.130.56
35.171.36.131
35.186.212.60
35.186.236.204
35.244.159.8
35.244.174.68
37.252.173.27
52.222.183.88
54.158.164.13
54.170.210.188
54.192.210.21
54.193.7.186
54.194.191.134
54.230.183.72
65.9.84.31
65.9.84.41
69.173.144.165
74.217.31.247
016fed809cee81877351065c8daa172aac2021c14fb921e9cf6d92d5a075a4de
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0386f5001db6dd8f08c1c8cd19fe0cc5f8eb71f0ac821b414406ad4ce4e983b8
038f25dc1d79521cf797f505812cd4aa3b301292dda0c33b6e6d62c368008fc7
03b6d81f3b90f66a18232cd3169a4f3489ae5dd3dfd578f77571478f86736a17
08263a065b8d080bc96b991d6e1a94693806014097e977740a78de7d638b17fe
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5a354931a7e3064e75faedeafc2f9dc580b7e2eb9795a27ae430574f640854
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134f7118587def3881fb7e0b5db92a8233966d228b2bde4ce3c461d42e4b86b4
16d6cfea734ce7d8398b2862a7caf77bf7269821960d4e46f561bcf49254f463
18161167da2aa8bd6a834d0d80ff023f9ec20da9578f59882d3a2c5494457e58
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
2410c054eebf410d7a9b10f695ea6c1fbd25812ff7bbdc23cf47b25d4b74d2f6
26913280199916784f9af92b89a0a1bf7e7d752a07682cd51f8d3ebe0c08170d
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e1b09e83d7f47cb8b19d062e70d8f4d2496e46f6d9d3a998a5da03a0d2adae4
2efec2fd023d1a979db53148075bdac2ab5f3a7c6236a49b74779a8eb469ad5b
32353df998d7ae5d282acacf732a207a5dcc96439b03d27095d20a58ba05b871
324d93555d71c53bece2225c5a7beed9a2d587989cecae0d8d7eccfe581587a3
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
358d61868170f136feb3e35c9ca7ca01cde6c01c4fb5c69545ee87757c8a83df
3843231c1d3df4bd3ede44bda7d0ff4321f194fe706b606c57566ff8dcbb39b3
3b9532e5eb289fc7260ac03d5dbda85ef424798b054f744605b9d97ef66c7fd1
3bd7a27d15c429e9f53fa4df1268ec7229b1103c5ee81d980ad55f1868425bb5
3c22469742b4b32ee8f6154b2eed56f9b183ef81e90b04cd8c0bbf57676f3fa7
3db577869cbe9e2e300e6575965aa1c63ae1054fbbd66aa166c8efb04d5c706f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c34c9fc997e68001947abb05032584ab50b0bc6c54b18f58ea0121deebf4b89
4caeed9f547d857c8ae818ab19647c9a65521849692d3bcdaf24486d6c418545
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51a0078ffdd30df8723ed143e0c566f8fc077138535741c38f57a634a49beb3b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58e42948452ea55ea4aee8d306baf470cd209d24190e16687b245dcde8e76c27
59d0a96ba9775379655668663212cb0b9967f641858e4da0713a03d14900246e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
636435d9e1b631536ba8fbd41b01b1d75246eafc97e68a4fad7585f09409d596
64e07ac59e021e72b359c0e2527a87e7eef99bf922fcd3cbae25b3495c2a25de
64f756199579649cf5ce2c19f3acd25b002f88fcb904ab8d0950bb9621b5dab7
656a227f88e0f2ae1fbb6a42454ba038f7b67e630e22cca1a00383eff854a245
671e11a685b334d00d00527841210bef4b9fa8fbb32cd82e0f10cb77843174b7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
705a244da012089db376798674cea6963e932cb35c21e41b2c661c6fa2f09d2b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bf41d52d6ee4c765a37b62502bef9c55b49311e956baadb373122d2b6aa15e3
7df141b887f0a0443fb6d31dc8c48afe0afaaac56528038a50d1b46c2ff87fa2
87ac9a2a993f8bcd1a7cd91efb4cdc24597a4848297b8f19db2689717812dc89
8952ccc09c989c9864dc4d80fc2ff261a1aec5ce7e02ad9bfe4d0c71b51928a0
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b618b8d795dd7a1f4ae8ed599a325bf3813a243ee94c9a0c0ff45527040e63c
9b7b68ae0fbb39e3ad94dde4ee7a8813de3a8ce21c9d4c0dae0d07a23c5032ac
a27b299607fb77d24645e2207c25f6483277605d96543c8d0134c7bcc6b82cfd
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a89cd2933ab5dee0039bcf3a96ba5c0272f4cf7a12e864b3444b2fd1c880b8af
aa87d0d52d588d2e7f5b3d4286d6751d42e0f4338d8a6a4806080894e70922f2
ab77584aacbfa4a2a0eefb220e308c3f067656ced41e864a9e80c65836b5ce93
b00537ac126a8df429c1849f3ccf4ee50eff2bf16026df7e4d5c7e6d7303a6e5
b04a96c337f8c6a2ef0ae6c990355361976669f68b07abb81bef1c7a52def94e
b0f77080bf5e1eab5dc36b6cb1bf723099b68ed7ca000f26bd6bcf7ae23765c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b889cdc2839838e6af1db4a5a6cec6564ac7fbda8913f6559c2e4f258eb8c8ab
b9e24555cbe05372ee4f10a4b912f9d261b02cf57281bab9c9a90bf93d47e809
bbdd2d949277274cd5c44236484aab5740dfec2c1be5e0f752756e62da040a44
beb3001ee57a4f4729d1ec1925fe4db157c0a88e995f99c335a4709da04cd264
c862ef634a54b3802e0fcff950b2f45c671db2f117701248e84e3efd741d784f
c895f4a6a9f62c01a1cccad30b19f5271d5953ec4642664c90ea45b5adc8573e
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d68d790281fcf16c8f6c2c23346a1da17f552f2d823125129915ad994a9ad186
e07a6b852fe9c45ee8038d53486a3a40c1e824c32d28a34cc91f0f287a5ee9c1
e1aa325d5f0ebba8af1dcc9ac33d766d8edc38ec009543aeaaa65932f9b7b2ed
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c539fcdc8b1af3e06722830d7cff727b2143a2f3c7fe10368d164ada96c399
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ed2deb9777bc2d92526c909f01ff761adfb64928a39415d28cb5ae06c163460d
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef214e34c099b38edae7db60ba3da7e249c90aae13342ef1d3c178b134eb1a76
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f9a7bd809780d47c3ff869bbaa359894581d7aba56c6c540138f49d3524f4252
fbd4ebffd2dd1e8d8e3ab577657c73edef4a96d1df51a99a456215a754e6f4e9
ffb993559b6eecfca1a36b74ee3f3a5ca8d65419226f58936c79dee672c53147

covid.hilton.com Open in urlscan Pro 2a02:26f0:120::5435:8c68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

125 Requests

100 %HTTPS

26 %IPv6

34 Domains

45 Subdomains

29 IPs

5 Countries

3377 kBTransfer

5803 kBSize

15 Cookies

35 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

covid.hilton.com Open in urlscan Pro
2a02:26f0:120::5435:8c68 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

100 %
HTTPS

26 %
IPv6

34
Domains

45
Subdomains

29
IPs

5
Countries

3377 kB
Transfer

5803 kB
Size

15
Cookies

125 HTTP transactions
0 data transactions